By effectively integrating various interconnected computing resources and implementing multi-layer virtualization and abstraction, a cloud computing platform can effectively provide massive computing resources for users in a form of a reliable virtual machine. The cloud computing platform must not only provide a reliable security assurance technology to prevent security attacks from the Internet and between virtual machines, but also ensure credibility of the cloud computing platform and various applications of the users so as to prevent leakage of user privacy data that includes a trade secret, leakage of code, and so on.
The security assurance technology provided by an existing cloud computing platform includes, for example, a virtual machine user identity authentication technology, or a malware prevention technology, or a data leakage prevention (DLP) technology.
However, the security assurance technology provided based on the existing cloud computing platform has a lot of problems. For example, the virtual machine user identity authentication technology cannot solve a security threat problem caused by a privilege of a cloud computing platform administrator; for another example, the malware prevention technology can prevent only malware and Trojan horses that can be identified by security software and a false negative may occur; for another example, the data leakage prevention technology supports only limited operating systems or applications and cannot support 64-bit Windows, Linux, and the like, or does not apply to a scenario of multiple tenants in a cloud and cannot control data transmission leakage between virtual machines, or is not transparent to users, which affects information sharing efficiency in an enterprise.
Therefore, the security assurance technology provided by the existing cloud computing platform has a problem of relatively low security.